package com.vincce.sport.core;

import java.util.List;

import javax.annotation.Resource;

import com.vincce.sport.entity.SysUserRole;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.vincce.sport.entity.SysResource;
import com.vincce.sport.entity.SysRole;
import com.vincce.sport.entity.SysUser;
import com.vincce.sport.mapper.SysResourceMapper;
import com.vincce.sport.mapper.SysRoleMapper;
import com.vincce.sport.mapper.SysUserMapper;

/**
 * Created with IntelliJ IDEA.
 * User: xupeng
 * Date: 13-11-27
 * Time: 下午2:25
 * To change this template use File | Settings | File Templates.
 */
public class AuthRealm extends AuthorizingRealm {

	private SysResourceMapper sysResourceMapper;
	private SysRoleMapper sysRoleMapper;
	private SysUserMapper sysUserMapper;
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(
			PrincipalCollection principals) {
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        SysUser user = (SysUser) principals.fromRealm(getName()).iterator().next();
        
		List<SysRole> roleList = sysRoleMapper.findRoleByUserId(user.getId());
		user.setRoleList(roleList);
		for (SysRole role : user.getRoleList()) {
		    //基于Role的权限信息
		    info.addRole(role.getRoleName());//获得用户的角色
		    
		    List<SysResource> resourceList = sysResourceMapper.findResourceByRoleId(role.getId()+"");
		    for(SysResource resource:resourceList){
		    	info.addStringPermission(resource.getResourceUrl());//获得角色的访问权限
		    }
		}
        return info;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		 UsernamePasswordToken upToken = (UsernamePasswordToken) token;
	        SysUser user=new SysUser();
	        try {
	            String loginName=upToken.getUsername();

	            user = sysUserMapper.findUserByLoginName(loginName);
                SysUserRole sysUserRole=new SysUserRole();
                sysUserRole.setUserId(Integer.valueOf(user.getId().toString()));
                user.setRoleId(sysUserMapper.findSysUserRole(sysUserRole).get(0).getRoleId());
	        }catch (Exception ex){
	            ex.printStackTrace();
	        }

	        if (user == null) {
	            throw new UnknownAccountException("No account found for user [" + upToken.getUsername() + "]");
	        } else {
	            if (user.getUserStatus().equals(1)) {
	                throw new DisabledAccountException();
	            }
	        }

	        return new SimpleAuthenticationInfo(user, user.getPassword(), getName());
	}


	public void setSysResourceMapper(SysResourceMapper sysResourceMapper) {
		this.sysResourceMapper = sysResourceMapper;
	}
	public void setSysRoleMapper(SysRoleMapper sysRoleMapper) {
		this.sysRoleMapper = sysRoleMapper;
	}
	public void setSysUserMapper(SysUserMapper sysUserMapper) {
		this.sysUserMapper = sysUserMapper;
	}

}
